Bug 1384334
Summary: | On an SSL enabled overcloud the Neutron api returns http URL | |||
---|---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Marius Cornea <mcornea> | |
Component: | openstack-neutron | Assignee: | John Schwarz <jschwarz> | |
Status: | CLOSED ERRATA | QA Contact: | Marius Cornea <mcornea> | |
Severity: | high | Docs Contact: | ||
Priority: | high | |||
Version: | 10.0 (Newton) | CC: | amuller, chrisw, ddomingo, ihrachys, jschluet, jschwarz, mburns, mcornea, nkinder, nyechiel, oblaut, srevivo | |
Target Milestone: | rc | Keywords: | Triaged | |
Target Release: | 10.0 (Newton) | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | openstack-neutron-9.0.0-1.7.el7ost | Doc Type: | Bug Fix | |
Doc Text: |
This release adds a HTTPProxyToWSGI middleware in front of the OpenStack Networking API to set up a request URL correctly in case a proxy (eg. HAProxy) is used between the client and server. This ensures that when a client uses SSL, the server recognizes this and responds using the correct protocol. Previously, using a proxy made it possible for the server to respond with HTTP (instead of HTTPS) even when a client used SSL.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1384340 (view as bug list) | Environment: | ||
Last Closed: | 2016-12-14 16:18:25 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1384340 |
Description
Marius Cornea
2016-10-13 06:54:01 UTC
Testing fails with the current build. I believe in order to be able to verify this we also need a fix for BZ#1384340 which is still in NEW state. curl -s -H "X-Auth-Token: $OS_TOKEN" https://172.16.18.25:13696 | python -m json.tool { "versions": [ { "id": "v2.0", "links": [ { "href": "http://172.16.18.25:13696/v2.0", "rel": "self" } ], "status": "CURRENT" } ] } Marius, do you have a specific puppet patch on your mind? (In reply to Ihar Hrachyshka from comment #4) > Marius, do you have a specific puppet patch on your mind? Yes, it looks that this one fixes addresses the issue: https://review.openstack.org/#/c/400591/ Marius, puppet-tripleo doesn't have a patches branch. In other words, patches are automatically synced from upstream. Putting a needinfo on Mike Burns who I hear deals with the syncs. This has landed in the latest build and canbe verified: { "versions": [ { "id": "v2.0", "links": [ { "href": "https://172.16.18.25:13696/v2.0", "rel": "self" } ], "status": "CURRENT" } ] } Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-2948.html |